Inside Rensselaer on ISTS6
Rensselaer’s Inside Rensselaer bulletin, which is sent to faculty and staff, ran an article on RPISEC’s participation in ISTS6 at the Rochester Institute of Technology. It’s a bit sensationalistic, though it couldn’t go into too much detail.
May 9th, 2008 at 11:33 am
I saw the article via the May 2008 RPI Alumni Newsletter. I’d love to read some details of how your team and the other teams tried to protect their servers. Which OSes were used, were the services custom-written instead of standard OS services, etc.? Color me curious :-). John
May 9th, 2008 at 3:21 pm
Hi John,
It’s been a while so I don’t think I can answer very clearly. I’ll try to get Alex or Rob to describe some of the things they saw.
Our system was Debian, locked down by a very clever script Rob wrote to ensure that all extra executables were out of users’ reach, and that every directory had a quota. As for our competitors, there were a handful of Ubuntu Servers, if I remember correctly.
The services were all standard installs, which I thought detracted from the contest — it’s not likely that a fresh install of Apache is going to contain some fatal flaw that you happen to know about (there was no Internet access during the competition). So people just fork-bombed each other. (We protected against this by limiting the number of processes a user could have open at one time.)
Personally I think it’s more fun to start with a system that you know is flawed and have to audit it and fix it in a live environment, as in iCTF.
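The per-user process cap Ryan mentions is normally applied through pam_limits at login (/etc/security/limits.conf) and is the same resource limit ulimit(1) reports. The following is an added example, not code from the original post or from RPISEC: it parses a constructed limits.conf-style snippet with pam_limits precedence (user line, then @group, then the * default) to show which nproc value a given account would get, and shows that a subshell can lower its own limit. The user and group names and the numbers are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): per-user process limits of the
# kind used against fork bombs, in /etc/security/limits.conf syntax.
# The snippet, user names and values below are constructed for illustration.

# Constructed sample in limits.conf syntax: <domain> <type> <item> <value>
SAMPLE_LIMITS='
# default for everyone: cap processes so a fork bomb stalls instead of
# exhausting the process table
*        hard    nproc   100
*        soft    nproc   50
# the team account gets more headroom; admins sit in between
rpisec   hard    nproc   400
@admins  hard    nproc   200
'

# effective_nproc USER [GROUP] [TYPE]
# Prints the nproc value that applies to USER. pam_limits takes the most
# specific matching line (user, then @group, then *), so scan in that order.
effective_nproc() {
    user=$1; group=${2:-}; ltype=${3:-hard}
    for domain in "$user" "@$group" '*'; do
        [ "$domain" = "@" ] && continue          # no group supplied
        val=$(printf '%s\n' "$SAMPLE_LIMITS" \
            | grep -v '^[[:space:]]*#' \
            | awk -v d="$domain" -v t="$ltype" \
                  '$1==d && $2==t && $3=="nproc" {print $4; exit}')
        if [ -n "$val" ]; then printf '%s\n' "$val"; return 0; fi
    done
    return 1
}

# subshell_limit N: lower the process limit in a subshell and report what the
# subshell now sees. This is the same limit pam_limits sets at login; an
# unprivileged shell can lower it, but cannot raise it back above the hard cap.
subshell_limit() {
    (ulimit -u "$1" 2>/dev/null && ulimit -u)
}

# Usage: which cap each constructed account would receive
echo "rpisec hard nproc:         $(effective_nproc rpisec)"
echo "alice (@admins) hard nproc: $(effective_nproc alice admins)"
echo "bob default hard nproc:    $(effective_nproc bob)"
echo "bob default soft nproc:    $(effective_nproc bob '' soft)"
```

With a cap in place a fork bomb run by that user fails at fork() once the count is reached, leaving the rest of the box (and other users' processes) untouched; the limit counts all processes owned by the user, not just children of one shell, so the soft value has to leave room for normal logins.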
May 9th, 2008 at 5:44 pm
Hi!
I think the majority of the machines were OpenBSD actually. The services were pretty stale, standard things, all up to date. As Ryan mentioned, the services weren’t custom-written, which made gameplay much more difficult.
Some of the highlights included failed chroot setups with world-readable password files (but not enough time to crack them =p), fork-bombing “locked down” machines (kinda lame), watching pentesters DoS us and everyone else with ssh brute-force attacks, /dev/urandom, terminal escape sequence kung fu, and asking kindly for passwords with no success.
There were also a series of challenge servers. These were also not custom-written (unlike previous years, I’ve heard). There was a default-install OS X Server, a BBS running on Windows 3.1, a vulnerable Icecast server, a Linux machine with default passwords, and some more Windows machines.
No network warfare was allowed either, further limiting attacks.
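The "failed chroot setups with world readable password files" above is a common mistake: files copied into a jail for a chrooted service keep whatever mode the copy gave them, so a shadow file that is 0640 in /etc ends up 0644 inside the jail. The following is an added example, not code from the original post or from any team: a small audit that walks a directory tree for passwd/shadow files readable by "other", run against a chroot layout constructed under a temporary directory. The paths, file names and modes are assumptions made for the demo.

```shell
#!/bin/sh
# Added example (not from the original post): find credential files inside a
# chroot that any local user could read. The jail below is constructed.

# world_readable_secrets ROOT
# Prints, one per line, regular files named passwd/shadow/master.passwd under
# ROOT whose mode grants read to "other" (-perm -004: that bit is set).
world_readable_secrets() {
    find "$1" -type f \
        \( -name passwd -o -name shadow -o -name master.passwd \) \
        -perm -004 -print | sort
}

# count_exposed_shadow ROOT: how many shadow files an unprivileged user
# could read. /etc/passwd being world-readable is normal; shadow is not.
count_exposed_shadow() {
    world_readable_secrets "$1" | grep -c '/shadow$'
}

# build_demo_chroot DIR: constructed jail with one correctly protected shadow
# file and one that was copied in with a lax mode (the mistake being audited).
build_demo_chroot() {
    mkdir -p "$1/etc" "$1/ssh/etc"
    printf 'root:x:0:0:root:/root:/bin/sh\n' > "$1/etc/passwd"
    chmod 0644 "$1/etc/passwd"                  # expected: passwd is public
    printf 'root:$6$salt$hash:0:0:99999:7:::\n' > "$1/etc/shadow"
    chmod 0640 "$1/etc/shadow"                  # correct: no read for other
    printf 'root:$6$salt$hash:0:0:99999:7:::\n' > "$1/ssh/etc/shadow"
    chmod 0644 "$1/ssh/etc/shadow"              # the mistake: readable by all
}

# Usage: build the constructed jail and list what a local user could grab
DEMO=$(mktemp -d)
build_demo_chroot "$DEMO"
echo "World-readable credential files under $DEMO:"
world_readable_secrets "$DEMO"
echo "Exposed shadow files: $(count_exposed_shadow "$DEMO")"
```

Run it against a real jail root in place of the constructed one; any shadow-style file it reports is a password hash handed to every local account, which is exactly the cracking material the comment describes.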